We use cookies to customise content for your subscription and for analytics.If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

CAN SPAM what?

The FTC has announced settlements with the operators of a get-rich-quick scheme alleged to have falsely claimed that consumers could earn big money working with the defendants' "secret codes." The settlements permanently ban the defendants from marketing or selling certain types of software and impose a $7 million judgment.

Included in the fraudulent product representations, affiliate marketing problems and other allegations is CAN-SPAM charge: the defendants were alleged to have violated the CAN-SPAM Act by using deceptive header and subject lines, failing to identify email as an ad, failing to include a valid physical address, and failing to give recipients a way to opt out of future messages. As I've blogged about earlier, it is not uncommon for an FTC complaint to include charges related to the mechanism for the fraud, as well as the substance of it.

However, even responsible marketers who would never engage in the type of conduct alleged here such ensure that their email marketing is compliant with the The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, otherwise known as "CAN-SPAM". So, here are the key requirements for commercial emails:

The message may not include false or misleading header information.

The message may not include a deceptive subject line; it must accurately reflect the content of the message and can’t look like a personal message.

The message must be clearly identifiable as an ad, whether by labeling it as such or as made clear from the content itself.

The message must include the sender’s physical postal address.

The message must clearly and conspicuously tell recipients that they can, and how to, opt out of receiving future commercial emails from the sender. Any opt-out mechanism offered must be able to process opt-out requests for at least 30 days after the message is sent. And all opt-out requests must be processed within 10 business days of receipt. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on a website as a condition for honoring her opt-out request. Once people have told you they don’t want to receive more messages from you, you cannot sell or transfer their email addresses, except for the purposes of CAN-SPAM compliance. What all of this means is that any time you are sending out a new commercial email (or having a vendor do so), you (or your vendor) must “scrub” the list of recipients against your do-not-email list to ensure that the email is not going to anyone who has previously opted out of receiving commercial messages from you.

You must monitor what others are doing on your behalf. Both the company whose product is promoted in the message (the “sender”) and the company that actually sends the message (the “initiator”) may be held legally responsible for violations of CAN SPAM. Accordingly, it is important to include appropriate compliance provisions in contracts with vendors, monitor the messages they send on your behalf, and audit their practices.

The law does distinguish between commercial and transactional email, but even the latter must still comply with certain requirements, such as having a non-misleading subject line. While transactional emails do not have to be scrubbed against the marketer's do-not-email list or include an opt-out mechanism, the categories of emails considered "transactional" is limited, so marketers should exercise care. The types of emails considered "transactional" are only those that:

Facilitate, complete, or confirm a commercial transaction previously agreed to by the recipient;

Provide warranty, product recall, safety, or security information for a product or service purchased by the recipient;

Provide certain information regarding a membership, subscription, account, loan, or similar ongoing relationship between the recipient and sender (e.g., notification of a change in the terms or features of a membership or subscription, periodic account balance information);

Provide information about an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or

Deliver goods or services (such as product upgrades or updates) as part of a transaction to which the recipient previously agreed.

The rules implemented under CAN SPAM over the years address a number of other issues, such as Refer-A-Friend and multiple marketer emails, among others. I'll save those for another day and another blog post. Till then, happy emailing!

{ The complaint alleges that the defendants contacted consumers primarily with deceptive spam emails, sent by affiliate marketers in violation of the FTC Act’s prohibition against deceptive practices. Consumers who then went to the defendants’ websites were met with more deceptive claims, including online videos that featured individuals who falsely claimed they made hundreds to thousands of dollars per day using the defendants’ products. The complaint also alleges that the defendants did not honor their “60-day hassle-free money back guarantee” and made it extremely difficult, if not impossible, to obtain a full or partial refund.

Compare jurisdictions:Trademarks

“The new ACC Newsstand is one of the best e-resources that I have encountered in 21 years of practicing Employment Law. The information is timely, helpful and easy to navigate. Thank you for offering it and please continue it indefinitely!!”